Add docs for an empty `trusted_key_servers` config option (#13999)

* Add docs for an empty `trusted_key_servers` config option * small rewording * Tweak changelog
2022-10-28 14:55:03 +02:00 · 2022-10-28 14:55:03 +02:00 · 44f0d573cf
parent aa70556699
commit 44f0d573cf
2 changed files with 7 additions and 0 deletions
--- a/changelog.d/13999.doc
+++ b/changelog.d/13999.doc
@ -0,0 +1 @@
+Explain how to disable the use of `trusted_key_servers`.
--- a/docs/usage/configuration/config_documentation.md
+++ b/docs/usage/configuration/config_documentation.md
@ -2681,6 +2681,12 @@ is still supported for backwards-compatibility, but it is deprecated.
 warning on start-up. To suppress this warning, set
 `suppress_key_server_warning` to true.

+If the use of a trusted key server has to be deactivated, e.g. in a private
+federation or for privacy reasons, this can be realised by setting
+an empty array (`trusted_key_servers: []`). Then Synapse will request the keys
+directly from the server that owns the keys. If Synapse does not get keys directly
+from the server, the events of this server will be rejected.
+
 Options for each entry in the list include:
 * `server_name`: the name of the server. Required.
 * `verify_keys`: an optional map from key id to base64-encoded public key.
				`@ -0,0 +1 @@`
				Explain how to disable the use of `trusted_key_servers`.